We help you save time, money and improve your IT security

Integrate Third-Party Patch Management in Microsoft ConfigMgr and Intune

Patch Tuesday Support Group December Webinar


Webinar Summary

In this group healing session, we’ll hear from Jordan Benzing regarding the latest round of Microsoft and 3rd Party patches and highlight those that present particularly disturbing vulnerabilities. Then Bryan Dam will spend a few minutes discussing general industry news relevant to fellow system administrators. Our good friend Gary Blok will also join us and talk about some of his recent technical exploits.

Our hope for this support group is to provide a short, 30-ish-minute session that fellow system administrators will find helpful in keeping up with our fast-paced industry. Life comes at you fast, so we intend to stay brief and high-level while pointing you toward resources that dig deep if you need to.

Webinar Hosts

Bryan Dam

Bryan Dam

Patch My PC Software Engineer

Bryan Dam

Jordan Benzing

Patch My PC Security Engineer Lead

Gary Block, Patch Tuesday Support Group December Special Guest

Gary Blok

Writer of GARYTOWN ConfigMgr Blog

Register now!

Can’t attend or want to watch at a later time? Register anyway! We send the recording to all registrants after the webinar.

Patch Tuesday Support Group December Webinar

Webinar Summary

In December’s group healing session, you’ll hear from Jordan Benzing and Bryan Dam about the latest round of Microsoft and 3rd Party patches, particularly disturbing vulnerabilities, and general industry news relevant to fellow system administrators. Then, our good friend Gary Blok will also join us and talk about some of his recent technical exploits.

Watch the Webinar Recording

Webinar Hosts

Bryan Dam

Bryan Dam

Patch My PC
Software Engineer

Bryan Dam

Jordan Benzing

Patch My PC
Security Engineer Lead

Gary Block, Patch Tuesday Support Group December Special Guest

Gary Blok

Guest Speaker
GARYTOWN ConfigMgr Blog

Patch Tuesday Support Group Webinar Recap

Patch Tuesday December News

Windows 11, version 23H2 Released. — Copilot in Intune, Copilot in Windows, Windows Passwordless, Multi-App Kiosk with working start menu, LAPS Native Integration. What’s new in Windows 11, version 23H2 for IT pros – What’s new in Windows | Microsoft Learn

Ignite Highlights for Intune. — February general availability for Enterprise App Management, Advanced Analytics, and Cloud PKI. Copilot in Intune private preview. Microsoft Intune news at Microsoft Ignite 2023 | Microsoft Intune Blog

What’s new in Microsoft Intune. — Support for unmanaged PKG-types apps for MacOS, MAM support for GCC and GCC High, Settings Catalog includes Windows Subsystem for Linux (WSL) configuration, and Win32 Apps size limit was bumped to 30Gb by default. What’s new in Microsoft Intune | Microsoft Learn

Microsoft is pushing for Mac management. — Now is the time—manage your Mac endpoints with Microsoft Intune | Microsoft Intune Blog

Configuration Manager 2309. — One of the most problematic upgrades in a while; make sure to install ODBC Driver for SQL Server 18.1.0 or later before you upgrade, must remove resource access policies that not depreciated, and post-upgrade step to reconfigure CMG. Supports native Windows update and reboot UX. Support for changing the Windows Edition. Windows 11 Upgrade Readiness Dashboard; anecdotal results suggest issues, either missing data or outright console crash.  What’s new in version 2309 – Configuration Manager | Microsoft Learn

Azure Automation Update Management Depreciated. — Partly because the Log Analytics agent (MMA) is being depreciated. Being replaced by Azure Update Manager, which requires on-prem servers to be connected via Arc and is ‘up to’ $5 / month. Azure Automation Update Management overview | Microsoft Learn

PowerShell 7.4 General Availability. — What’s new in Windows 11, version 23H2 for IT pros. Learn more about what’s new in Windows 11 version 23H2, including servicing updates, Windows Subsystem for Linux, the latest CSPs, and more. PowerShell 7.4 General Availability – PowerShell Team (microsoft.com)

Microsoft Patches of Note

View the full list of Patch Tuesday release notes at Patch Tuesday Blog Home Page – Patch Tuesday Blog

Updates Released: 59
Critical Severity: 50
Important Severity: 4
Moderate Severity: 5
Unique CVES: 43

Insight into CVEs

No .NET updates this month

Secure Boot Security Feature Bypass VulnerabilityCVE-2023-24932  Score 6.7 Requires local access, exploitation detected in wild. The security update addresses the vulnerability by updating the Windows Boot Manager, but is not enabled by default. Additional steps are required at this time to mitigate the vulnerability. Please refer to the following for steps to determine impact on your environment: KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932 – Microsoft Support

Windows MSHTML Platform Remote Code Execution VulnerabilityCVE-2023-35628 Score 8.1 Network based attack, less likely. It leverages the MSHTML platform, so when you open the preview window of e-mails in Outlook, it creates an opportunity for attacker to launch a website and do remote code execution on the machine. NOTE: It does not require the user to actually click on a link inside of an e-mail. It just requires them to open the e-mail.

Microsoft Edge (Chromium-based) Elevation of Privilege VulnerabilityCVE-2023-35618 Score 9.6 Network based attack, less likely. This vulnerability could lead to a browser sandbox escape and could allow the attacker to gain the privileges needed to perform code execution. Less likely because it requires an attacker to entice user into using a website, likely through a phishing e-mail.

Third Party Updates from PMPC

Total Number of Updates: 1936
Total Number of CVES:
Critical: 61
Moderate: 1531
Low: 8

Browser Patch Specifics
Chrome: 12 Patches
FireFox: 180 Patches
Microsoft Edge: 12 Patches
Opera: 10 Patches

Our Customers Love Us

G2 Summer Leader
G2 Best Results
G2 Best Relationship
G2 Best Usability
G2 Most Recommended
G2 Users Love Us

Trusted by Over 6,850 Enterprises on Over 21.5 Million Endpoints

American Express - Patch My PC Customer
Adidas - Patch My PC Customer
NHL - Patch My PC Customer
Toyota - Patch My PC Customer
Mastercard - Patch My PC Customer
General Mills - Patch My PC Customer
Dominos Pizza - Patch My PC Customer
Gartner - Patch My PC Customer
Nasdaq - Patch My PC Customer
NOAA - Patch My PC Customer
Airbus - Patch My PC Customer
FireEye - Patch My PC Customer
Samsung Securities - Patch My PC Customer
Campbell Soup Company - Patch My PC Customer
iHeartMedia - Patch My PC Customer
Phillips 66 - Patch My PC Customer
Pacific Life - Patch My PC Customer
Hyatt Hotels - Patch My PC Customer
National Weather Service - Patch My PC Customer
Sunbelt Rentals - Patch My PC Customer
Subway - Patch My PC Customer
Lufthansa - Patch My PC Customer
Penn State - Patch My PC Customer

Since the day we implemented 3rd party app patching through Patch My PC, we have achieved a more controlled but mainly fast way to update our clients. Our previous packaging process always took at least 1-2 weeks before an updated version of an app was available for deployment.

Gerasimos Bartsas - Adidas
Gerasimos Bartsas
Manager Endpoint Security and Compliance

This is one of the most excellent support/product teams I worked with so far! I would say, you guys know very well your product when it comes to troubleshooting.

Patch My PC is an excellent tool to manage third party updates through SCCM. I’m completely satisfied.

Dinesh Tashildar - American Express
Dinesh Tashildar
Lead Technical Architect

I was trialing Patch Connect Plus and having issues. PCP’s support was poor, outsourced, and they did not help me solve my issue. I switched to a Patch My PC trial and was experiencing the same issue. Justin reached out to Microsoft in less than an hour on my behalf and had a resolution.

Alexander Guarino - Harvard Business Publishing
Alexander Guarino
Systems Engineer

This was the easiest product to implement that I have ever used. And working with your company is always a pleasure.

Kurt Levitan - Harvard University
Kurt Levitan
Technical Architect

It’s been awesome and has met our needs perfectly. For ideas, etc. support has been super responsive and made the product worth its weight in gold over other competitors!

Sean Huggins - Patch My PC Review
Sean Huggans
Systems Engineer

I have been using the catalog for a while now, and I must say that I’m impressed by the high quality of the updates and the richness of the catalog.

Kent Agerlund - CTGlobal
Kent Agerlund

The “Base Installations” feature alone was well worth the switch from Ivanti to PMPC. It saves us countless hours every month!

Martin Jäger - Kremsmüller Industrieanlagenbau KG
Martin Jäger
System Administrator

Our experience has been great! We used to use SCCM for Adobe and Java updates only, but now we are able to use it for all of our 3rd party software while still using SCCM. It has made our endpoints much more secure in an automatic way.


Wish all vendors were like you guys.

Hudson Advisors Review
Joe Cormane

Everyone I encounter @ PMPC is awesome! Great Team and Great Product!

Ben Whitmore - Borough Council
Ben Whitmore
Technical Architecture Manager